Skip to content

Commit

Permalink
fix signature & update testcase.
Browse files Browse the repository at this point in the history
  • Loading branch information
huiguangjun committed Jan 27, 2024
1 parent 8ae9527 commit 1194a51
Show file tree
Hide file tree
Showing 58 changed files with 269 additions and 76 deletions.
5 changes: 3 additions & 2 deletions sdk/src/OssClientImpl.cc
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
#include "utils/SignUtils.h"
#include "utils/ThreadExecutor.h"
#include "signer/Signer.h"
#include "signer/HmacSha1Signer.h"
#include "OssClientImpl.h"
#include "utils/LogUtils.h"
#include "utils/FileSystemUtils.h"
Expand Down Expand Up @@ -173,7 +174,7 @@ void OssClientImpl::addSignInfo(const std::shared_ptr<HttpRequest> &httpRequest,
}

if (httpRequest->hasHeader("x-oss-date")) {
t = ToUnixTime(httpRequest->Header(Http::DATE), "%a, %d %b %Y %H:%M:%S GMT");
t = ToUnixTime(httpRequest->Header("x-oss-date"), "%a, %d %b %Y %H:%M:%S GMT");
}

SignerParam signerParam(std::move(region), std::move(product),
Expand Down Expand Up @@ -1716,7 +1717,7 @@ StringOutcome OssClientImpl::GenerateRTMPSignedUrl(const GenerateRTMPSignedUrlRe
SignUtils signUtils(signer_->version());
auto resource = std::string().append("/").append(request.Bucket()).append("/").append(request.ChannelName());
signUtils.build(expireStr, resource, parameters);
auto signature = signer_->generate(signUtils.CanonicalString(), credentials.AccessKeySecret());
auto signature = HmacSha1Signer::generate(signUtils.CanonicalString(), credentials.AccessKeySecret());
parameters["Expires"] = expireStr;
parameters["OSSAccessKeyId"] = credentials.AccessKeyId();
parameters["Signature"] = signature;
Expand Down
101 changes: 101 additions & 0 deletions sdk/src/signer/HmacSha1Signer.cc
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
/*
* Copyright 2009-2017 Alibaba Cloud All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#include "HmacSha1Signer.h"
#if 0//def _WIN32
#include <windows.h>
#include <wincrypt.h>
#else
#include <openssl/hmac.h>
#ifdef OPENSSL_IS_BORINGSSL
#include <openssl/base64.h>
#endif
#endif

using namespace AlibabaCloud::OSS;

HmacSha1Signer::HmacSha1Signer()
{
}

HmacSha1Signer::~HmacSha1Signer()
{
}

std::string HmacSha1Signer::generate(const std::string & src, const std::string & secret)
{
if (src.empty())
return std::string();

#if 0//def _WIN32
typedef struct _my_blob {
BLOBHEADER hdr;
DWORD dwKeySize;
BYTE rgbKeyData[];
}my_blob;

DWORD kbLen = sizeof(my_blob) + secret.size();
my_blob * kb = (my_blob *)LocalAlloc(LPTR, kbLen);
kb->hdr.bType = PLAINTEXTKEYBLOB;
kb->hdr.bVersion = CUR_BLOB_VERSION;
kb->hdr.reserved = 0;
kb->hdr.aiKeyAlg = CALG_RC2;
kb->dwKeySize = secret.size();
memcpy(&kb->rgbKeyData, secret.c_str(), secret.size());

HCRYPTPROV hProv = 0;
HCRYPTKEY hKey = 0;
HCRYPTHASH hHmacHash = 0;
BYTE pbHash[32];
DWORD dwDataLen = 32;
HMAC_INFO HmacInfo;
ZeroMemory(&HmacInfo, sizeof(HmacInfo));
HmacInfo.HashAlgid = CALG_SHA1;

CryptAcquireContext(&hProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET);
CryptImportKey(hProv, (BYTE*)kb, kbLen, 0, CRYPT_IPSEC_HMAC_KEY, &hKey);
CryptCreateHash(hProv, CALG_HMAC, hKey, 0, &hHmacHash);
CryptSetHashParam(hHmacHash, HP_HMAC_INFO, (BYTE*)&HmacInfo, 0);
CryptHashData(hHmacHash, (BYTE*)(src.c_str()), src.size(), 0);
CryptGetHashParam(hHmacHash, HP_HASHVAL, pbHash, &dwDataLen, 0);

LocalFree(kb);
CryptDestroyHash(hHmacHash);
CryptDestroyKey(hKey);
CryptReleaseContext(hProv, 0);

DWORD dlen = 0;
CryptBinaryToString(pbHash, dwDataLen, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, NULL, &dlen);
char* dest = new char[dlen];
CryptBinaryToString(pbHash, dwDataLen, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, dest, &dlen);

std::string ret = std::string(dest, dlen);
delete[] dest;
return ret;
#else
unsigned char md[32];
unsigned int mdLen = 32;

if (HMAC(EVP_sha1(), secret.c_str(), static_cast<int>(secret.size()),
reinterpret_cast<const unsigned char*>(src.c_str()), src.size(),
md, &mdLen) == nullptr)
return std::string();

char encodedData[100];
EVP_EncodeBlock(reinterpret_cast<unsigned char*>(encodedData), md, mdLen);
return encodedData;
#endif
}
36 changes: 36 additions & 0 deletions sdk/src/signer/HmacSha1Signer.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
/*
* Copyright 2009-2017 Alibaba Cloud All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#pragma once

#include "Signer.h"


namespace AlibabaCloud
{
namespace OSS
{

class HmacSha1Signer
{
public:
HmacSha1Signer();
~HmacSha1Signer();

static std::string generate(const std::string &src, const std::string &secret);
};
}
}
20 changes: 2 additions & 18 deletions sdk/src/signer/SignerV1.cc
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,10 @@

#include <sstream>
#include "Signer.h"
#include "HmacSha1Signer.h"
#include "../utils/SignUtils.h"
#include "../utils/Utils.h"
#include "../utils/LogUtils.h"
#include <openssl/hmac.h>
#ifdef OPENSSL_IS_BORINGSSL
#include <openssl/base64.h>
#endif

using namespace AlibabaCloud::OSS;

Expand Down Expand Up @@ -56,20 +53,7 @@ static std::string buildResource(const std::string &bucket, const std::string &k

std::string SignerV1::generate(const std::string & src, const std::string & secret) const
{
if (src.empty())
return std::string();

unsigned char md[32];
unsigned int mdLen = 32;

if (HMAC(EVP_sha1(), secret.c_str(), static_cast<int>(secret.size()),
reinterpret_cast<const unsigned char*>(src.c_str()), src.size(),
md, &mdLen) == nullptr)
return std::string();

char encodedData[100];
EVP_EncodeBlock(reinterpret_cast<unsigned char*>(encodedData), md, mdLen);
return encodedData;
return HmacSha1Signer::generate(src, secret);
}

void SignerV1::sign(const std::shared_ptr<HttpRequest> &httpRequest, ParameterCollection &parameters,
Expand Down
7 changes: 7 additions & 0 deletions sdk/src/signer/SignerV4.cc
Original file line number Diff line number Diff line change
Expand Up @@ -196,6 +196,9 @@ static std::string buildCanonicalReuqest(const std::shared_ptr<HttpRequest> &htt
for (const auto &header : httpRequest->Headers()) {
std::string lowerKey = ToLower(header.first.c_str());
std::string value = Trim(header.second.c_str());
if (value.empty()) {
continue;
}
if (lowerKey == "content-type" ||
lowerKey == "content-md5" ||
lowerKey.compare(0, 6, "x-oss-") == 0) {
Expand Down Expand Up @@ -288,6 +291,10 @@ void SignerV4::sign(const std::shared_ptr<HttpRequest> &httpRequest, ParameterCo
httpRequest->addHeader(Http::DATE, ToGmtTime(requestTime));
httpRequest->addHeader("x-oss-date", datetime);

if (!httpRequest->hasHeader("x-oss-content-sha256")) {
httpRequest->addHeader("x-oss-content-sha256", "UNSIGNED-PAYLOAD");
}

auto additionalHeaders = getCommonAdditionalHeaders(httpRequest->Headers(), signerParam.AdditionalHeaders());

auto canonicalReuqest = buildCanonicalReuqest(httpRequest, parameters, signerParam, additionalHeaders);
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketAclSettingsTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketAclSettingsTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketaclsettings");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketBasicOperationTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketBasicOperationTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
}

// Tears down the stuff shared by all tests in this test case.
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketCorsSettingsTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ class BucketCorsSettingsTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketcorssettings");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketEncryptionTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ namespace OSS {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketencryption");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketInventoryConfigurationTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketInventoryConfigurationTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-inventory");
DstBucketName = TestUtils::GetBucketName("cpp-sdk-inventory-dst");
Client->CreateBucket(CreateBucketRequest(BucketName));
Expand Down
4 changes: 2 additions & 2 deletions test/src/Bucket/BucketLifecycleSettingsTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ class BucketLifecycleSettingsTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketlifecyclesettings");
Client->CreateBucket(BucketName);
}
Expand Down Expand Up @@ -959,7 +959,7 @@ TEST_F(BucketLifecycleSettingsTest, SetAndGetLifecycleRuleWithVersioningTest)
auto bucketName = BucketName;
bucketName.append("-lc-version");

auto client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
auto client = TestUtils::GetOssClientDefault();

auto cOutcome = client->CreateBucket(bucketName);
EXPECT_EQ(cOutcome.isSuccess(), true);
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketLoggingSettingsTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketLoggingSettingsTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketloggingsettings");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketPolicySettingsTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketPolicySettingsTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketpolicysettings");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketQosInfoTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ namespace OSS
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketqosinfo");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketRefersSettingsTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketRefersSettingsTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketreferssettings");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketRequestPaymentTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ class BucketRequestPaymentTest : public ::testing::Test
{
ClientConfiguration conf;
conf.enableCrc64 = false;
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();

BucketName1 = TestUtils::GetBucketName("cpp-sdk-objectcopy1");
CreateBucketOutcome outCome = Client->CreateBucket(CreateBucketRequest(BucketName1));
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketStorageCapacityTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketStorageCapacityTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketstoragecapacity");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketTaggingtTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ namespace OSS
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-buckettagging");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketVersioningTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ namespace OSS {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-versioning");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketWebsiteSettingsTest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketWebsiteSettingsTest : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketwebsitesettings");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
2 changes: 1 addition & 1 deletion test/src/Bucket/BucketWormSettings.cc
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class BucketWormSettings : public ::testing::Test {
// Sets up the stuff shared by all tests in this test case.
static void SetUpTestCase()
{
Client = std::make_shared<OssClient>(Config::Endpoint, Config::AccessKeyId, Config::AccessKeySecret, ClientConfiguration());
Client = TestUtils::GetOssClientDefault();
BucketName = TestUtils::GetBucketName("cpp-sdk-bucketwormsettings");
Client->CreateBucket(CreateBucketRequest(BucketName));
}
Expand Down
Loading

0 comments on commit 1194a51

Please sign in to comment.